Route Origin Authorization
$ rpki-client -vvf rpki.cnnic.cn/rpki/A9162E3D0000/137/eG7XGDdzoa_AEdih3nJKyDrp5B0.roa
File: eG7XGDdzoa_AEdih3nJKyDrp5B0.roa (raw, json)
Hash identifier: vcsIcs1VfRGkTHS+Xm9U324JUDRsnTvKAy7fpv2k6eA=
Subject key identifier: 78:6E:D7:18:37:73:A1:AF:C0:11:D8:A1:DE:72:4A:C8:3A:E9:E4:1D
Certificate issuer: /CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Certificate serial: 4D33
Authority key identifier: BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
Authority info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
Subject info access: rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eG7XGDdzoa_AEdih3nJKyDrp5B0.roa
Signing time: Wed 01 May 2024 12:23:36 +0000
ROA not before: Wed 01 May 2024 12:23:36 +0000
ROA not after: Fri 31 Jan 2025 01:13:46 +0000
asID: 24426
IP address blocks: 36.0.64.0/18 maxlen: 18
Validation: Failed, RFC 3779 resource not subset of parent's resources
Certificate:
Data:
Version: 3 (0x2)
Serial Number: 19763 (0x4d33)
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=BDEBED8640CBA6593DA9F9A3DD228D38912458EA
Validity
Not Before: May 1 12:23:36 2024 GMT
Not After : Jan 31 01:13:46 2025 GMT
Subject: CN=786ED7183773A1AFC011D8A1DE724AC83AE9E41D
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:a6:2c:6c:39:c8:9e:27:38:d8:01:9d:e0:9d:40:
ce:fd:06:7a:5d:fc:32:60:0d:40:96:77:4e:3c:f9:
97:ec:ef:7c:75:2a:eb:f8:93:71:34:37:01:b0:2c:
6d:30:48:0c:f4:1f:58:fb:0e:c3:22:7b:a0:0d:a6:
b9:6e:c5:fd:c5:51:b6:cb:8c:5c:56:bf:e6:49:da:
78:49:d7:33:18:9b:08:54:af:d4:8e:7f:4d:40:2e:
eb:20:48:b4:bb:3b:80:f2:fc:e9:ca:1f:3b:15:ce:
47:36:c0:ad:45:60:78:4d:0a:64:16:27:26:1b:49:
72:fb:29:b6:5f:2f:49:8b:75:01:59:b3:24:e2:7c:
7e:89:b5:02:df:75:78:12:8c:b3:b1:fb:36:63:81:
df:cd:e7:c6:4f:6d:1d:97:ab:9a:50:06:8a:06:a2:
72:18:42:5a:7c:7d:d7:cf:f8:8c:e8:0e:d3:46:96:
50:35:ea:ed:a2:f4:43:c9:6c:6b:44:95:20:da:0b:
ca:08:c8:1a:c8:5e:fb:cc:ba:6b:92:8d:5a:9a:30:
5d:03:d8:3c:29:cd:72:36:fa:c0:6a:4f:e8:ee:d1:
bb:40:31:b5:0c:78:9c:5d:3e:6b:70:6a:da:cd:cb:
ee:39:43:36:de:53:11:0f:7c:39:43:f2:1c:d5:24:
ff:d1
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
78:6E:D7:18:37:73:A1:AF:C0:11:D8:A1:DE:72:4A:C8:3A:E9:E4:1D
X509v3 Authority Key Identifier:
keyid:BD:EB:ED:86:40:CB:A6:59:3D:A9:F9:A3:DD:22:8D:38:91:24:58:EA
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/vevthkDLplk9qfmj3SKNOJEkWOo.crl
Authority Information Access:
CA Issuers - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/vevthkDLplk9qfmj3SKNOJEkWOo.cer
X509v3 Key Usage: critical
Digital Signature
Subject Information Access:
Signed Object - URI:rsync://rpki.cnnic.cn/rpki/A9162E3D0000/137/eG7XGDdzoa_AEdih3nJKyDrp5B0.roa
RPKI Notify - URI:https://rpki.cnnic.cn/rrdp/notify.xml
sbgp-ipAddrBlock: critical
IPv4:
36.0.64.0/18
Signature Algorithm: sha256WithRSAEncryption
2d:9a:a0:1e:6c:11:96:72:fd:9b:0e:2f:32:d8:a7:fc:7e:10:
0d:19:47:e2:61:61:b9:05:43:2d:03:3d:25:bf:53:87:5b:13:
1b:f8:15:a3:f2:ce:a2:74:ec:32:46:bb:d8:2c:55:66:41:a6:
fd:6e:87:02:7d:28:61:f0:ca:1d:08:4a:24:79:5b:13:9b:91:
a5:2d:24:40:9f:02:98:a8:41:e0:54:42:3c:25:a8:9d:2a:80:
b5:14:d8:87:b7:ce:05:b8:e6:7a:3a:40:c2:c2:1c:a7:a5:be:
6e:4a:e3:08:aa:91:d5:26:d3:86:01:50:f2:b5:8f:cf:04:54:
07:71:d7:a3:b4:dd:3e:69:92:84:1d:e8:5f:77:d9:0a:02:9d:
53:51:d2:80:5a:d6:a9:f2:dc:e0:ed:b7:ad:ec:66:b0:87:e8:
ef:a2:ab:f5:22:7c:c0:95:a7:21:72:15:8d:f7:0e:ec:39:cf:
27:ab:12:b6:fa:19:8a:9b:ff:4b:08:9b:a3:5c:6c:c3:0e:4d:
49:8a:78:2e:4b:cc:ea:45:5e:7f:40:b7:a0:4b:f9:e3:4d:0f:
4b:64:13:c3:7f:11:78:c3:83:5d:d2:48:a6:eb:0c:92:a5:d1:
53:f9:d9:01:e9:df:b7:f5:e4:39:a8:c2:9d:e9:ca:7e:f8:30:
83:0c:6b:6c
-----BEGIN CERTIFICATE-----
MIIE1TCCA72gAwIBAgICTTMwDQYJKoZIhvcNAQELBQAwMzExMC8GA1UEAxMoQkRF
QkVEODY0MENCQTY1OTNEQTlGOUEzREQyMjhEMzg5MTI0NThFQTAeFw0yNDA1MDEx
MjIzMzZaFw0yNTAxMzEwMTEzNDZaMDMxMTAvBgNVBAMTKDc4NkVENzE4Mzc3M0Ex
QUZDMDExRDhBMURFNzI0QUM4M0FFOUU0MUQwggEiMA0GCSqGSIb3DQEBAQUAA4IB
DwAwggEKAoIBAQCmLGw5yJ4nONgBneCdQM79Bnpd/DJgDUCWd048+Zfs73x1Kuv4
k3E0NwGwLG0wSAz0H1j7DsMie6ANprluxf3FUbbLjFxWv+ZJ2nhJ1zMYmwhUr9SO
f01ALusgSLS7O4Dy/OnKHzsVzkc2wK1FYHhNCmQWJyYbSXL7KbZfL0mLdQFZsyTi
fH6JtQLfdXgSjLOx+zZjgd/N58ZPbR2Xq5pQBooGonIYQlp8fdfP+IzoDtNGllA1
6u2i9EPJbGtElSDaC8oIyBrIXvvMumuSjVqaMF0D2DwpzXI2+sBqT+ju0btAMbUM
eJxdPmtwatrNy+45QzbeUxEPfDlD8hzVJP/RAgMBAAGjggHxMIIB7TAdBgNVHQ4E
FgQUeG7XGDdzoa/AEdih3nJKyDrp5B0wHwYDVR0jBBgwFoAUvevthkDLplk9qfmj
3SKNOJEkWOowGAYDVR0gAQH/BA4wDDAKBggrBgEFBQcOAjBcBgNVHR8EVTBTMFGg
T6BNhktyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3
L3ZldnRoa0RMcGxrOXFmbWozU0tOT0pFa1dPby5jcmwwYwYIKwYBBQUHAQEEVzBV
MFMGCCsGAQUFBzAChkdyc3luYzovL3Jwa2kuY25uaWMuY24vcnBraS9BOTE2MkUz
RDAwMDAvdmV2dGhrRExwbGs5cWZtajNTS05PSkVrV09vLmNlcjAOBgNVHQ8BAf8E
BAMCB4AwgZwGCCsGAQUFBwELBIGPMIGMMFcGCCsGAQUFBzALhktyc3luYzovL3Jw
a2kuY25uaWMuY24vcnBraS9BOTE2MkUzRDAwMDAvMTM3L2VHN1hHRGR6b2FfQUVk
aWgzbkpLeURycDVCMC5yb2EwMQYIKwYBBQUHMA2GJWh0dHBzOi8vcnBraS5jbm5p
Yy5jbi9ycmRwL25vdGlmeS54bWwwHwYIKwYBBQUHAQcBAf8EEDAOMAwEAgABMAYD
BAYkAEAwDQYJKoZIhvcNAQELBQADggEBAC2aoB5sEZZy/ZsOLzLYp/x+EA0ZR+Jh
YbkFQy0DPSW/U4dbExv4FaPyzqJ07DJGu9gsVWZBpv1uhwJ9KGHwyh0ISiR5WxOb
kaUtJECfApioQeBUQjwlqJ0qgLUU2Ie3zgW45no6QMLCHKelvm5K4wiqkdUm04YB
UPK1j88EVAdx16O03T5pkoQd6F932QoCnVNR0oBa1qny3ODtt63sZrCH6O+iq/Ui
fMCVpyFyFY33Duw5zyerErb6GYqb/0sIm6NcbMMOTUmKeC5LzOpFXn9At6BL+eNN
D0tkE8N/EXjDg13SSKbrDJKl0VP52QHp37f15Dmowp3pyn74MIMMa2w=
-----END CERTIFICATE-----
Generated at Wed May 1 16:08:49 2024 by rpki-client on console.sobornost.net